Upstream has issued an advisory on August 30: https://www.openwall.com/lists/oss-security/2021/08/30/1 The issues are fixed upstream in 2021.8.22. Mageia 8 is also affected.
Status comment: (none) => Fixed upstream in 2021.8.22Whiteboard: (none) => MGA8TOO
Ubuntu has issued an advisory for this today (August 31): https://ubuntu.com/security/notices/USN-5060-1
This is not officially your baby, Thierry, but you are the actual maintainer of ntfs-3g so assigning the update to you.
Assignee: bugsquad => thierry.vignaud
ntfs-3g-2021.8.22-10.mga9 uploaded for Cauldron by Thierry.
Whiteboard: MGA8TOO => (none)Version: Cauldron => 8
Fedora has issued an advisory for this today (September 4): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/J6ACAL2OSY4MFKIQMETQG4T7ZJS2BVPE/ Along with rebuilds for libguestfs, wimlib, partclone, ntfs-3g-system-compression, and testdisk: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SLSOBEE7QRLS7S72RUIQFIPNXB5SMAKH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IFHFQHPLPXKPUPM2WCEW5XVDXKUXTWIJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/N52PUEAJ3W3INEIARUBQDKIR6QSNREZV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CXZL7RSFZS53EPVKW6JCXKCZVQ7MNMSB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/44FIWEAGGBM4REQYSOCYBUTMW7NR7VAO/
openSUSE has issued an advisory for this today (September 7): https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/APJMFOEFTZSFEAKDMRWUM25JNERJUHUT/
Debian has issued an advisory for this on September 9: https://www.debian.org/security/2021/dsa-4971
New version pushed in mga8: src: - ntfs-3g-2021.8.22-1.mga8 - libguestfs-1.44.0-2.1.mga8 - wimlib-1.13.3-1.1.mga8 - partclone-0.3.17-1.1.mga8 - ntfs-3g-system-compression-1.0-1.1.mga8 - testdisk-7.1-2.1.mga8
CC: (none) => mageia, thierry.vignaudStatus comment: Fixed upstream in 2021.8.22 => (none)Assignee: thierry.vignaud => qa-bugs
Assignee: qa-bugs => mageia
build issue for partclone
For ntfs-3g: ntfs-3g-2021.8.22-1.mga8 libntfs-3g89-2021.8.22-1.mga8 libntfs-3g-devel-2021.8.22-1.mga8 For the others, you'll have to rebuild them all again. The ntfs-3g build hasn't uploaded yet, so the rebuilds didn't build against it.
Status comment: (none) => Other packages need rebuilt against updated library
ouch sorry :-)
New version pushed in mga8: src: - ntfs-3g-2021.8.22-1.mga8 - libguestfs-1.44.0-2.2.mga8 - wimlib-1.13.3-1.2.mga8 - partclone-0.3.18-1.mga8 - ntfs-3g-system-compression-1.0-1.2.mga8 - testdisk-7.1-2.2.mga8
Status comment: Other packages need rebuilt against updated library => (none)Assignee: mageia => qa-bugs
(In reply to David Walser from comment #10) > For ntfs-3g: > ntfs-3g-2021.8.22-1.mga8 > libntfs-3g89-2021.8.22-1.mga8 > libntfs-3g-devel-2021.8.22-1.mga8 For the rebuilds: libguestfs-1.44.0-2.2.mga8 ocaml-libguestfs-devel-1.44.0-2.2.mga8 virt-dib-1.44.0-2.2.mga8 libguestfs-devel-1.44.0-2.2.mga8 libguestfs-gobject-devel-1.44.0-2.2.mga8 ocaml-libguestfs-1.44.0-2.2.mga8 perl-Sys-Guestfs-1.44.0-2.2.mga8 libguestfs-tools-c-1.44.0-2.2.mga8 python3-libguestfs-1.44.0-2.2.mga8 ruby-libguestfs-1.44.0-2.2.mga8 libguestfs-man-pages-uk-1.44.0-2.2.mga8 libguestfs-man-pages-ja-1.44.0-2.2.mga8 libguestfs-gobject-1.44.0-2.2.mga8 lua-guestfs-1.44.0-2.2.mga8 libguestfs-tools-1.44.0-2.2.mga8 libguestfs-vala-1.44.0-2.2.mga8 libguestfs-rescue-1.44.0-2.2.mga8 libguestfs-bash-completion-1.44.0-2.2.mga8 libguestfs-hfsplus-1.44.0-2.2.mga8 libguestfs-reiserfs-1.44.0-2.2.mga8 libguestfs-nilfs-1.44.0-2.2.mga8 libguestfs-gfs2-1.44.0-2.2.mga8 libguestfs-forensics-1.44.0-2.2.mga8 libguestfs-jfs-1.44.0-2.2.mga8 libguestfs-xfs-1.44.0-2.2.mga8 libguestfs-rsync-1.44.0-2.2.mga8 libguestfs-ufs-1.44.0-2.2.mga8 libguestfs-zfs-1.44.0-2.2.mga8 libguestfs-inspect-icons-1.44.0-2.2.mga8 wimlib-1.13.3-1.2.mga8 libwim15-1.13.3-1.2.mga8 libwim-devel-1.13.3-1.2.mga8 ntfs-3g-system-compression-1.0-1.2.mga8 photorec-7.1-2.2.mga8 testdisk-7.1-2.2.mga8 partclone-0.3.18-1.mga8
The following 4 packages are going to be installed: - lib64ntfs-3g89-2021.8.22-1.mga8.x86_64 - ntfs-3g-2021.8.22-1.mga8.x86_64 - ntfs-3g-system-compression-1.0-1.2.mga8.x86_64 - testdisk-7.1-2.2.mga8.x86_64 No installation issues. I have an ATSC TV converter box with a USB 2.0 port. Using a microSD card in a card reader, the box can record TV and/or play video files. The box can only use FAT32 or NTFS, with NTFS being preferred for recording. Using a card that was formatted to NTFS in that box, I used Dolphin to look at the directory, copy a couple of video files to the card, and copy them back to a different spot on my hard drive. The resulting files played back perfectly. Switching to Konsole, I ran testdisk as root, and analyzed the partition on the SD card. I did not change anything, and no issues were noted. Giving this a 64-bit OK, and Validating.
Keywords: (none) => validated_updateWhiteboard: (none) => MGA8-64-OKCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0001.html
Status: NEW => RESOLVEDResolution: (none) => FIXED